Skip to content

Enforcement hooks: host-native smoke-test requirement (cross-repo sweep) #4

Description

@BaseInfinity

Context

Both open bug reports on this repo (#1/#3) are the same root cause: bundled SKILL.md
files fail YAML frontmatter parsing on an unquoted colon. That's a packaging/validation gap,
not an enforcement-hook gap -- but it's the same family of problem as what prompted this
issue: something that looks fine in the source repo but breaks for the actual consumer.

This is a converged recommendation from two independent cross-model reviews (Fable 5 and
Codex/GPT-5.5 xhigh) asked in parallel: whether Codex-CLI-family sibling wizards
(codex-sdlc-wizard, codex-rdlc-wizard, codex-gdlc-wizard, opencode-sdlc-wizard) need
independent Fable-led bloat/bug audits, or should inherit lessons more cheaply. Both converged
on the same answer for this repo: not an independent audit -- a host-native smoke-test
requirement.

Why not a full audit

codex-sdlc-wizard (this repo's sibling) already independently hit and fixed the exact
"enforcement hook that looks like it blocks but doesn't" bug class that prompted this sweep
(codex-sdlc-wizard#38, #39, closed May 2026, found via real usage on Snowcone and
m180-jumpseat) -- discovered before claude-sdlc-wizard hit the same shape in its own
hooks (claude-sdlc-wizard#436, #437). That's real evidence a full audit isn't the cheapest
way to catch this class of bug here; a targeted test is.

Proposal

Per Codex's own review (it has direct knowledge of its own hook mechanism that a bloat audit
wouldn't specifically target): a host-native, black-box smoke test per enforcement hook --
not a unit test that invokes the hook script directly, which only proves the script's own
logic, not that Codex actually loaded/trusted/enforced it. Each test should:

  1. Install/load the hook exactly as a real user gets it.
  2. Confirm Codex actually considers it trusted (or deliberately bypass trust for CI, and test
    that path separately).
  3. Drive the forbidden action through the real CLI path -- not a direct script call.
  4. Assert both the user-visible blocking message AND the actual blocked/continued behavior.
  5. Add a "hook present but untrusted/disabled" case as its own test, so a release can't
    silently ship enforcement that never got trusted.
  6. Include representative bypass strings (quoted flags with spaces, absolute binary paths --
    both bypass patterns already proven to work against codex-sdlc-wizard's hooks per #38/#39).

If this repo has real shipped enforcement hooks today, this is worth doing now. If enforcement
here is still thin/aspirational, this is worth baking into whatever implementation plan exists
before treating it as done.


Submitted as part of a cross-repo self-enforcement review pass
(see claude-sdlc-wizard#236 -> PR #440, and codex-sdlc-wizard#58).

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions